VYPR
Unrated severityNVD Advisory· Published Oct 30, 2025· Updated Nov 17, 2025

Nagios XI < 5.2.4 SQL Injection in Notification Search

CVE-2016-15050

Description

Nagios XI versions prior to 5.2.4 contain a SQL injection vulnerability in the notification search functionality. User-supplied search parameters were incorporated into SQL statements without adequate parameterization or sanitation, allowing an authenticated user to manipulate database queries. Successful exploitation could disclose or modify notification data and, in some cases, impact the application database more broadly.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nagios/XIllm-fuzzy
    Range: <5.2.4
  • Nagios/XIv5
    Range: 0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.